This is a simple alternative to django-rules. Its core difference is that it does not rely on models. Instead, it uses a registry which can be modified at runtime.

One of its goals is to let developers of external apps define rules and depend on this package, while still allowing a project to override those rules.

Example your_app/

import rules_light

# Everybody can read a blog post (for now!):
rules_light.registry[''] = True

# Require authentication to create a blog post, using a shortcut:
rules_light.registry[''] = rules_light.is_authenticated

# But others shouldn't mess with my posts!
def is_staff_or_mine(user, rule, obj):
    # `author` is assumed to be the field on Post that holds its owner.
    return user.is_staff or obj.author == user

rules_light.registry[''] = is_staff_or_mine
rules_light.registry[''] = is_staff_or_mine

Example your_app/

from django.views import generic

from .models import Post  # assumed location of the Post model

class PostDetailView(generic.DetailView):
    model = Post

class PostCreateView(generic.CreateView):
    model = Post

class PostUpdateView(generic.UpdateView):
    model = Post

class PostDeleteView(generic.DeleteView):
    model = Post

You might want to read the tutorial for more.

What's the catch?

The catch is that this approach offers no feature for building secure querysets.

This means you have to:

  • think about security when making querysets,
  • override the ListViews of any external apps you use.
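
The catch above as an added example (not code from the project): a rule answers a per-object question, so a listing has to be scoped by hand, and a test can check that the scoping agrees with the rule. A plain dict stands in for rules_light.registry; the User and Post classes, the `author` field, the rule name and the sample data are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    is_staff: bool = False

@dataclass(frozen=True)
class Post:
    title: str
    author: User  # assumed owner field

def is_staff_or_mine(user, rule, obj):
    # Per-object rule, as in the registry example.
    return user.is_staff or obj.author == user

RULE = "post.update"  # constructed rule name
registry = {RULE: is_staff_or_mine}  # plain dict standing in for rules_light.registry

def unscoped_list(user, posts):
    # A list view that never scopes its queryset returns every row.
    return list(posts)

def scoped_list(user, posts):
    # Hand-written scoping that mirrors the rule. In a Django ListView this
    # would live in get_queryset(), e.g. as a filter on the author field.
    if user.is_staff:
        return list(posts)
    return [p for p in posts if p.author == user]

def leaked(user, listed):
    # Rows in a listing that the per-object rule would refuse for this user.
    return [p for p in listed if not registry[RULE](user, RULE, p)]

def hidden(user, posts, listed):
    # Rows the rule allows but the listing left out (over-restrictive scoping).
    return [p for p in posts if registry[RULE](user, RULE, p) and p not in listed]

# Constructed sample data.
alice, bob, carol = User("alice"), User("bob"), User("carol", is_staff=True)
POSTS = [Post("a1", alice), Post("a2", alice), Post("b1", bob)]

if __name__ == "__main__":
    for u in (alice, bob, carol):
        print(u.name,
              "unscoped leaks:", [p.title for p in leaked(u, unscoped_list(u, POSTS))],
              "scoped leaks:", [p.title for p in leaked(u, scoped_list(u, POSTS))])
```

Running `leaked` and `hidden` over every list view in a test suite catches both a listing that exposes rows the rule denies and a filter that has drifted from the rule.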


Requirements

  • Python 2.7+ (Python 3 supported)
  • Django 1.8+

Quick Install

  • Install module: pip install django-rules-light,
  • Add to settings.INSTALLED_APPS: rules_light,
  • Add in settings.MIDDLEWARE_CLASSES (or settings.MIDDLEWARE for Django 1.10+): rules_light.middleware.Middleware,

You might want to read the tutorial.

There is also a lot of documentation, from the core to the tools, including pointers to debug, log and test your security.


Run tests with the tox command. Documented patches that pass all tests have a better chance of being merged. See community guidelines for details.


To ask questions or just get informed about package updates, you could subscribe to the mailing list.